<?php
class CustomerLogin extends WebService_base{
	var $session; 
	/**
	 * Constructor
	 *
	 */
	function __construct(){
		parent::__construct();
	}
	/**
	 * Credentials takes raw input from user and prepares it for the authentication process
	 *
	 * @param string $rawEmail
	 * @param string $rawPass
	 * @return mixed
	 */
	private function Credentials($rawEmail = null, $rawPass = null){
		if (isset($rawEmail) && ($rawPass)) {
			$email_address = tep_db_prepare_input($rawEmail);
    		$password = tep_db_prepare_input($rawPass);
    		$return = array('email_address'=>$email_address, 'password'=>$password);
		} 	
		else
			$return = array('error'=>'You must supply a login and password.');

		return $return;	
	}

	/**
	 * test for valid e-mail address
	 *
	 * @param string $email_address
	 * @return mixed
	 */
	private function CustomerEmail($email_address){
		$return = array();
		if($this->ws_get_config())
			$GLOBALS['db_link'] = $this->db_connect();
		else
			$GLOBALS['db_link'] = tep_db_connect(); 
		$add_option="";
		if (ACCOUNT_USERNAME=="true") 
			$add_option=" or customers_username='" . tep_db_input($email_address) . "'";
		$check_customer_query = tep_db_query("select customers_id, customers_firstname, customers_password, customers_email_address, customers_default_address_id,encryption_style from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "' " . $add_option);
		if (tep_db_num_rows($check_customer_query)) {
			$return = tep_db_fetch_array($check_customer_query);
		}
		return  $return;
	}
	
	/**
	 * Check Customer password
	 * 
	 * @param mixed $check_customer
	 * @param string $password
	 * @return bool
	 */
	private function CustomerPassword($check_customer = array(),$password = null){
		 if (!tep_validate_password($password, $check_customer['customers_password'],$check_customer['encryption_style']))
		 	return false;
		 else 
		 	return true;
	}

	/**
	 *
	 *  @param string $email
	 *  @param string $pass
	 *  @return mixed
	 */
	function Login($email, $pass){
		$info = array();
		if($_SESSION['logged_in'])
			return array($_SESSION['logged_in']);
		$creds = $this->Credentials($email, $pass);
		$info = $this->CustomerEmail($creds['email_address']);
		if($this->CustomerPassword($info, $creds['password'])){
			$_SESSION['logged_in'] = true;
			return $info;
		}
		else {
			unset($info);
			$info = array('ERROR'=> 'The e-mail address, or login ID, and password are not valid'); 
			return $info;
		}
	}
}
?>